Digital steganography. Subject, terminology, areas of application. Computer steganography methods

Which of you, dear readers, has no secrets? And who, at least once in their life, has not had to entrust something important to someone, taking their word to keep the secret? I think you will agree with me: information protection is a matter that concerns everyone.

Steganography in the distant and recent past

The problem of ensuring the confidentiality of stored and transmitted data in the modern information world has become especially acute. If there is information to which access should be limited, every knowledgeable person will first advise encrypting it. Then, even after receiving the encryption itself, the attacker will not be able to access its contents. This data can be more or less securely stored and sent over public communication channels. This method of protecting information, called cryptographic protection, is widely used both in computer and other spheres of life of human society.

But what to do if you need to not only block access to secret information, but also hide the very fact of the presence of any secret? This problem is not as abstract as it might seem to someone at first glance. Let's say you send personal letters from your workplace, and all outgoing mail is reviewed by management. Of course, such letters can be encrypted, but this will most likely arouse even greater interest from the boss: are you passing on official secrets? In general, this task is very delicate, and steganography should help here.

This word translated from Greek literally means “secret writing.” The first techniques of steganography, as historians believe, appeared in Ancient Egypt and were then used wherever writing existed.

What was steganography in the pre-computer era? It is almost impossible to classify all methods of hiding information - they are numerous and varied. To make it clear that the entire range of these methods is united by only one thing - the purpose of their use, we will give several historical examples.

In antiquity, when waxed tablets were used for writing, secret information could be written directly on the backing, then apply wax, and write some harmless text on it. If such a tablet were given to the enemies, they would not have guessed that there were any secrets there. In the Middle Ages, and even later, special ink, invisible to the prying eye, was very popular. A message written with their help could only be read after special processing of the paper. Remember the famous story about the smart Lenin and the stupid gendarme? So Vladimir Ilyich used just such a steganographic tool - milk ink, which after drying became almost invisible, and when heated, appeared in clear brown letters. In addition to such simple methods, complex compositions were also invented, for the manifestation of which it was necessary to carry out a chemical reaction.

Often, to transmit important data, extraneous text was used (a book, a note in a newspaper, an innocuous letter about the weather, etc.), the letters and symbols of which encoded confidential information. And here the scope for imagination is simply enormous: the hidden text can be read by the first letters of words (the acrostic principle) or determined according to a pre-agreed rule. After the invention of generally accepted codes (for example, Morse code), it became possible to recognize secret text by word lengths: 4-5 letters - dash, 5-6 letters - dot, 7 or more - space, less than 4 letters - ignored). In handwritten text, the features of the letterforms - sizes, curls, etc. - could have meaning. It’s impossible to list everything.

With the advent of photography, new methods became available - for example, microdots were added to meaningless photographs. Similar methods of secret messages were actively used during the Second World War.

The widespread use of computer technology has opened new horizons for the inventors of secret writing methods. On the one hand, some of the old methods were adapted and refined, and on the other, new algorithms were developed that are applicable only in the field of computer technology.

Modern approaches to steganography

Before we begin a review of the approaches to computer secret writing that exist today, let’s agree on the basic concepts. In steganography there are always two components - what needs to be hidden, and where we will hide it. We will call the first component a message, or steganogram, and the second - a container. The message can be text or, in general, an arbitrary file, and text or multimedia (audio, video, graphic) files, as well as storage media (external or built-in) are usually used as a container.

Depending on the type of container, computer steganographic algorithms can be conveniently divided into three main groups.

1. The use of text files as a container involves the use of pre-computer methods or variations on their theme. If a text message is hidden, then you can do without modern technology altogether - a traditional acrostic poem or something like invisible ink (white letters on a white background) will do just fine. Special fonts are also used, in which the same letter can have several slightly different styles.

The developer's imagination can come in handy if it is necessary to hide binary data in the text. If an arbitrary file is used as a steganogram, it is considered as a sequence of single bits or a short series of bits (groups of two or three bits). To encode them, spaces are used (one space is 0, two spaces are 1) or non-printable characters (for example, the null character). The example above with Morse code may well be suitable for solving this problem: then the lengths of words or their first letters will be used to encode short series of bits.

All methods of this group, despite their obvious simplicity, have one very serious drawback - a hidden message can be easily detected even by a layman, so it makes sense to use them only when it is not possible to use non-text information as a container.

2. Hiding data in unused areas of media, in contrast to the previous group of algorithms, is the know-how of the period of computer technology. These methods are based on the characteristics of file systems. Firstly, files always occupy an integer number of clusters, so between two files there is usually free space, which is used to place the message. Secondly, you can use the zero track of the disk to transfer information. It is also possible to remove the header record of a file from the media, and the file system will consider the space occupied by this file to be free.

The weakness of all of the above methods is the same ease of detection, since the places where the message was planted are obvious. In addition, the latter method requires sending the header part of the file separately from the media, which does not increase the level of secrecy at all. The use of algorithms from this group to organize secret information exchange involves the use of external drives, which usually have a small capacity, which imposes significant restrictions on the size of the hidden data. Therefore, it would be more reasonable to choose storage media as a container only in the case where it is planned to classify the stored, rather than transmitted, data.

3. The third and most common class of containers is multimedia files (we will talk mainly about graphic files, but everything that has been said is also true for audio and video data). Traditionally, the large volumes of such container files make it possible to pack large messages into them, and various, constantly improving formats and standards have led to the emergence of many steganographic algorithms. But no matter how wide the range of these methods is, almost all of them are based on one of two fundamental approaches.

3.1. In simple non-commercial steganography programs, areas of graphic files are often used as a container, changing which does not affect the image. Hidden information can be placed after the end of the image data, and between individual pictures of the same file (for example, an animated GIF), and in comment fields that are ignored when drawing. Such steganograms are easily detected, so they are usually designed so that no one will specifically look for them.

3.2. The Least Significant Bit (LSB) method is the most common method in electronic steganography. It is based on the limited capabilities of the human senses, due to which people are unable to distinguish subtle variations in colors or sounds. To simplify the description, we will show the principle of operation of this method using the example of a 24-bit RGB raster image. One image point in this format is encoded by three bytes, each of which is responsible for the intensity of one of the three component colors (Fig. 1).

As a result of mixing colors from the red (R), green (G) and blue (B) channels, the pixel gets the desired hue. To more clearly see the principle of operation of the LSB method, let’s write each of the three bytes in bit form (Fig. 2). The low-order bits (they are located on the right in the figure) have less influence on the final image than the higher-order ones. From this we can conclude that replacing one or two of the least significant bits with other arbitrary bits will distort the hue of the pixel so slightly that the viewer simply will not notice the change.

Let's say we need to hide six bits at a given point in the image: 101100. To do this, we will split them into three pairs (Fig. 3) and replace them with the two least significant bits in each channel (Fig. 4).

As a result, we will get a new shade, very similar to the original one. These colors are difficult to distinguish even over a large area of ​​fill, although the difference will be noticeable at one individual point (Fig. 5). As practice shows, the replacement of the two least significant bits is not perceived by the human eye. If necessary, you can occupy three digits, which will have a very slight effect on the quality of the picture.

Rice. 5. Left original color, right color after modification

Let's now calculate the useful volume of such an RGB container. By occupying two out of eight bits per channel, we will be able to hide three bytes of useful information for every four pixels of the image, which corresponds to 25% of the image volume. Thus, having an image file of 200 KB in size, we can hide up to 50 KB of arbitrary data in it so that these changes will not be noticeable to the naked eye.

A modification of the LSB method are steganography algorithms developed for compressed multimedia data. In particular, the algorithm for hiding data in JPEG images is quite popular among steganography software developers. Since converting a picture to JPEG involves loss of information, it makes no sense to embed a steganogram in the original image, since it will then be impossible to restore it. The solution was found in the compression algorithm itself - without going into the details of the JPEG specification, let's say that compression takes place here in three stages: discrete cosine transform (DCT), quantization and secondary compression (Huffman coding), and the third stage takes place without data loss, therefore DCT coefficients after quantization are used as a container, that is, the low-order digits of these coefficients are replaced with user information. Such capabilities are provided by almost all lossy compression schemes, including audio and video formats.

What explains the leadership of the LSB method among steganographic algorithms? Firstly, multimedia containers do not raise suspicion: you can easily send your photo or a nice landscape to a friend. Secondly, the least significant bits of digitized images, sound or video may have a different distribution depending on the analog-to-digital conversion parameters used, additional computer processing and other factors. This feature makes the least significant bits method the most secure against nesting detection. Finally, thirdly, LSB implementations for most container file standards do not require significant time and effort - the idea of ​​​​the specified method is simple, like everything ingenious.

Steganogram detection

The principle of actions aimed at detecting steganograms is, in general, nothing complicated. First, you need to find all the possible places where foreign information is stored that the container file format allows. Next, you need to extract data from these places and analyze their properties for compliance with standard values. To solve the first problem, it is enough to carefully study the specifications of the file formats used, and the second is usually solved by statistical analysis methods. For example, if it is necessary to hide a certain text fragment, then such a message will contain only symbolic information: 52 Latin characters, 66 Cyrillic characters, punctuation marks and some service characters. The statistical characteristics of such a message will differ sharply from the characteristics of a random sequence of bytes, which should resemble the least significant bits of an RGB image collected together (for the LSB method).

Increasing the reliability of data concealment and stopping it

Based on the methods of analyzing potential containers for the presence of secret attachments in them, we can formulate several tips for increasing the reliability of data hiding. First of all, you need to make it difficult to find areas of the container file containing fragments of the steganogram. This is quite possible to implement using the LSB method. For this purpose, the message bits are not packed into all bytes of the image in a row, but with gaps, which complicates the analysis. In a more serious version, the addresses of the bytes containing the attachment will be calculated by a certain function, which will receive, say, the user's password as an argument.

The statistical properties of the message then need to be brought closer to what the analyst expects to find in the uncorrupted container file. If you are going to use comment text fields to transmit binary data, then it makes sense to use Base64 or similar encoding so that the binary sequence is written in character characters. Although this will not deceive a professional, it will allow you to bypass some software filters.

The least significant bits method requires doing the opposite - making the message as similar as possible to a random set of bits. To do this, you can compress the steganogram using one of the archiving algorithms, which will smooth out the statistical characteristics of the attachment, and in addition, make it more compact in order to pack more user data into a container of the same capacity. Archives are very reminiscent of equally probable sequences, but still have their own service format (headers, markers, etc.), therefore, to finally give the message the properties of a random stream, it is recommended to use an encryption algorithm. In this case, you can use the same password that was used to calculate the addresses of the carrier bytes. In addition to increasing the reliability of the steganographic algorithm, encryption creates a second line of defense: even if an attacker finds your data, he still will not be able to decrypt it without knowing the password.

Regarding the use of the LSB method, there are a few more simple tips that will allow you to bypass steganographic control:

You should not use more than three bits of each container byte to store a message, but it is better to limit yourself to two, breaking a large message into several small ones or selecting a more capacious carrier file. In addition, you should not fill the container with user data “to capacity” - the smaller the share of important information in the total volume of the transferred file, the more difficult it is to detect the fact of bookmarking. In practice, it is usually recommended to hide messages so that their size is no more than 10% of the container size;

It is not recommended to use artificially created images or photographs for steganographic purposes that contain significant areas of solid color (for example, blue sky). A large number of small motley details, on the contrary, will increase the reliability of concealment;

A poor container for your message would be public, well-known media files, since a simple comparison of your file with the original will immediately reveal the steganogram. For these purposes, it is better to use a digital image made with your own hands - using a digital camera or scanner.

Steganography provides tools of varying complexity and reliability for those who want to keep their correspondence secret - you can use one of dozens of ready-made free or commercial programs, or you can implement the algorithms described above yourself (such solutions are sometimes more reliable than widely used ones). But what should employees of information security departments of enterprises do, whose task is precisely to suppress the secret correspondence of employees in order to prevent the leakage of confidential information from the company? First, you need to try your luck (in case the attacker’s preparation turns out to be weak) and check the most accessible storages: comment fields and extension fields of various file formats to make sure that there are no unreasonably large attachments in the correspondence. Text messages should be meaningful, and meaningless phrases like “the actor is quickly dragging a watermelon of the sixth army” should immediately attract attention - they can be automatically generated by special steganographic programs using dictionaries. Steganograms packed using the LSB method are difficult to detect, especially if this method is used correctly. The way out of the situation is suggested by the very principle that formed the basis of the least significant bits algorithm: if changing the low-order bits of each byte of a multimedia file does not affect the quality of the image or sound, then you can, with a clear conscience, replace these bits with zero bits. We won’t spoil a harmless picture in this way, but we will definitely stop unauthorized data transfer.

Examples of application of steganography

So that the theory of steganography does not seem speculative to you, having nothing to do with practice, we will give an example of its application. For the demonstration, we used one of dozens of free and shareware programs that provide steganographic information hiding services and are available for download on the Internet. As a container, according to the rules described above, a photograph in BMP 24-bit format with a size of about 1 MB was chosen, selected from the personal photo album of the author of this article on the principle of the absence of large monochromatic fills and the presence of small details. The message was a random binary file (some kind of dynamic library) with a size of just over 100 KB, which was just about 10% of the container size. Before the attachment was packaged into an image file, it was automatically encrypted by the specified program using the Blowfish algorithm. So, all security requirements are met, and two pictures, in one of which a tenth of the information is replaced by arbitrary data, are practically indistinguishable - see for yourself (Fig. 6).

Rice. 6. Right original image; left image with attachment

In addition to the secret transfer and storage of information, steganography has another area of ​​application - copyright protection. Since a message can be added to an image, audio or video file in a way that does not detract from the viewing/listening experience, and since such an attachment is virtually impossible to detect and remove, the message can be used as a signature. Such “watermarks” will help prove that, for example, a photo you took was illegally used for the design of a certain well-known Web site. Currently, there are a number of programs that implement electronic signatures of multimedia data using steganography methods, as well as scan the Internet to detect works used without permission.

Instead of a conclusion

Every great invention in human history - from the wheel to gunpowder, from writing to the splitting of the atom - has been used both for the good and for the detriment of society, and steganography is no exception. Previously, this area of ​​​​knowledge was accessible only to a few, but with the advent of the “virtual era”, when personal computers are on almost every desk, steganography is becoming a mass commodity. And the task of a loyal employee is to hide from the suspicious gaze of his boss, and the goal of a good boss is not to allow a dishonest employee to sell company secrets to competitors. And our task is to remember the centuries-old history of steganography, know its methods and be able to apply them for the benefit of ourselves and others.

Let's assume that you are a spy and (like any self-respecting spy) you have a lot of secret information on your hard drive. You need to hide it so that no one finds it. Moreover, if you are caught, your computer will be sent for examination and whoever looks for this information will be 99% sure that such information is on the hard drive.

So what ways to hide information are at our disposal...

Method 1 - Trivial

The easiest way is to rename the file. For example, you have a picture that needs to be hidden. You simply rename the file extension and the image is no longer recognized by the system as an image. But, of course, this is foolproof. If you, for example, rename a JPG file to RAR, then such a RAR archive cannot be opened, WinRar will complain that this archive is broken, which will cause suspicion and a deeper study of this file.

Method 2 - Trivial, advanced

Another simple way, but still more advanced, is to merge two different files into one. The simplest example: adding a RAR archive to the end of a JPEG image. Such an image will open without problems in any program for viewing/editing pictures, and will also open in WinRar. The fact is that almost all programs for working with archives are designed for the fact that the archive does not start from the beginning of the file, since it is possible that the archive is enclosed in a self-extracting shell. But the disadvantages of this method are that such gluing can be easily noticed. For example, if a picture has a size of 200x200 and weighs 2 megabytes, then suspicions immediately arise. In addition, all formats (containers) usually have a clear structure, and if suddenly there is some kind of redundant information in the file, it is easy to detect.

Therefore, we need a way to hide information that does not violate the structure of the file of the selected format.

Method 3 - LSB

As already written earlier, this method is very simple to implement, while it does not violate the rules of the container and the file does not store redundant information. But this method also has quite a few disadvantages. Firstly, it only applies to a small number of containers. For example, it cannot be applied to JPG, MP3 or AVI format. But as a rule, files of precisely these formats are stored in hundreds on our computers, and this is where it is most convenient to hide information. Personally, I would immediately suspect something was wrong if I found a large library of pictures in BMP format on my computer. This method also fails in images with a uniform surface. Try applying this method to an MP3 file. Changing just one bit every 2 or even more bytes will lead to inevitable damage to audio data.

For those who want to play with this method, I can offer a plugin for Total Commander that allows you to hide data in some image containers, as well as in WAV (provided that the audio data is encoded with a PCM codec).

There are also more advanced algorithms, for example the Koch-Zhao algorithm, which hides data only in pictures. Its difference is that it encodes one bit of information in 8x8 pixel blocks. Unfortunately, due to the small amount of information about this algorithm on the Internet, I cannot tell you anything more about it.

Method 4 - Meta data

Many formats can store certain metadata. The advantage of this method is that it also does not violate the file format, and working with this metadata is usually well documented and there are ready-made libraries that allow you to quickly write a program to store your data in these files. Almost all media formats have metadata support. However, it is not always possible to store data there so that it is not visible. So where can you try to store secret data:

MP3

Only recently a post appeared on Habré: Hiding text in MP3, which describes the PHP implementation of storing your information in the ID3v1 tag. But the fact is that the ID3v1 tag has very strict restrictions and a lot of information cannot be stored there. In addition, in any normal media player, all your data is visible at a glance. The ID3v2.4 tag is a completely different matter, which allows you to store much larger data, and also allows you to save any non-standard data. For example, some programs store volume and normalization settings there for each individual file. Media players usually do not display options that are not known to them.
Since we are talking about MP3, it is worth mentioning the little-known Lyrics3 tag, which was created to store song lyrics in a file, as well as an extension of the ID3v1 tag (for example, it allowed saving a longer song title), but the release of the ID3v2 tag standard prevented the Lyrics3 tag from becoming widespread. But strangely enough, a large number of MP3 files that can now be found on the Internet contain this tag (although nothing else is stored there except the name of the song).

JPEG

The JPEG format has support for the EXIF ​​tag. The data in this tag is stored in key=value pairs. In theory, there is no problem adding some non-standard key containing your encrypted data there. A program working with this tag, having stumbled upon this key, will most likely simply ignore it and not display it.

AVI

Not many people know that AVI files also have support for metadata, and you can store a lot of things there. As in MP3 and JPEG, you can create your own key, which will simply be ignored by programs working with metadata. I can recommend a good program for viewing metadata of AVI files: abcAvi Tag Editor

The disadvantage of storing secret data in the file's metadata is obvious; there are many programs that display their entire contents, including non-standard and private values.

Method 5

And finally, I want to tell you about one wonderful way to store secret data in MP3 files. It is implemented in the MP3Stego program. Unfortunately, the author of this program has not updated the project since 2006. The idea is that the data is first encrypted and then, at the heart of the encoding process, the MP3 file (from the WAV) is mixed into the final result. The result is a regular MP3 file, without noticeable distortion, but containing encoded data.

Tags: Add tags

I think everyone has heard of steganography at least once. Steganography (τεγανός - hidden + γράφω - I write, literally “hidden writing”) is interdisciplinary the science and art of transmitting hidden data, inside others, not hidden data. The hidden data is usually called stego message, and the data that contains stego message called container.

There are countless steganographic methods. At the time of this writing, at least 95 steganography patents have already been published in the United States, and at least 29 patents have been published in Russia. Most of all I liked the patent Kursh K. And Lav R. Varchney "Food steganography"(“Food steganography”, PDF)

A picture from a “food” patent to attract attention:

However, after reading a decent number of articles and works devoted to steganography, I wanted to systematize my ideas and knowledge in this area. This article is purely theoretical and I would like to discuss the following questions:

1. Purposes of Steganography- in fact there are three of them, not one.
2. Practical application of steganography- I counted 15.
3. The place of steganography in the 21st century- I believe that from a technical point of view the modern world is already prepared, but "socially" Steganography is still “lagging.”

I tried to summarize my research on this issue. (This means there is a lot of text)
I hope for reasonable criticism and advice from the habro community.

Purposes of Steganography

Target is an abstract task regarding which a scientific theory and methodology for achieving this goal are developed. No need to be confused target And application. Target extremely abstract, unlike applications.

As I said before, there are three goals in steganography.

Digital fingerprints (Digital Fingerprint)

This type of steganography implies the presence various steganographic message tags for each copy container. For example, COs may be applicable to protect an exclusive right. If, using some algorithm, the adversary is able to extract the CO from the container, then it is impossible to identify the enemy, but until the adversary learns to forge the CO, he will not be able to distribute the protected container without detection.

Thus, when extracting a CO, a third party (i.e., an adversary) can pursue two goals:

1. removing the central heating unit from the container ( "weak target");
2. replacement of one central heating center with another central heating center ( "strong goal").

An example of a CO is the sale of electronic books (for example, in *.PDF format). When paying for a book and sending it to the recipient, you can *.pdf insert information about e-mail; IP; data entered by the user, etc. Of course, these are not fingerprints or DNA analysis, but, you see, this is better than nothing. Perhaps in Russia, due to a different culture and a different, historically established, attitude towards exclusive rights, this use of steganography is irrelevant; but, for example, in Japan, where downloading torrent files can lead to imprisonment, the use of steganographic centers is more likely.

Steganographic watermarks (SVZ) (Stego Watermarking)

Unlike the CO, the SVZ implies the presence identical tags for each copy container. In particular, SVZ can be used to confirm copyright. For example, when recording on a video camera, you can intersperse information about the recording time, video camera model, and/or the name of the video camera operator into each frame.
If the footage falls into the hands of a competing company, you can try to use the SVZ to confirm the authorship of the recording. If the key is kept secret from the camera owner, then using the SVZ you can confirm the authenticity of photos and/or video images. By the way, our colleague in the shop, Dmitry Vitalievich Sklyarov, successfully . The problem was really a hardware one, Dmitry Vitalievich did not touch the quilt itself, nevertheless, he steganographically “proved” the authenticity of Stalin with the iPhone.

Photo of Stalin with an iPhone, taken by D.V. Sklyarov (with correct SVZ)

Hidden Data Transfer (SDT)

This is the “classical” goal of steganography, known since the time of Aeneas Tacticus (Αινείας ο Τακτικός, see his work containing simple steganographic techniques:). The task is to transmit data so that the enemy does not realize that the message has appeared.

In modern Russian-language works devoted to steganography, the term is often used DWW (Digital Watermarks). This term means either SVZ or central heating center. (And sometimes SVZ and DH at the same time, and even in one article!) Nevertheless, when implementing DH and SVZ, the problems and tasks that arise are fundamentally different! Indeed, the SVZ on all copies of an electronic document is the same, and the CO on all copies of documents is different. For this reason, for example, conspiracy attack fundamentally impossible in SVZ! At least for this reason, it is necessary to distinguish between SVZ and CO. I strongly advise anyone who is going to work in the field of steganography not to use the term digital signature in their speech.

This seemingly obvious idea still causes confusion among many. A similar point of view on the need to distinguish between SVZ and CO was expressed by such well-known “steganographers” in narrow circles as Cachin, Petitcolas, Katzenbeisser.

For each of these three goals, you should develop your own criteria for the strength of a steganographic system and formal information-theoretical models for achieving them, because The meaning of using steganography is different. The fundamental difference between SVZ and CO is written above. But maybe it makes sense to combine SPD with the central heating center or with SVZ? No! The point is that the meaning of the SOP is the hidden data transfer itself, and the CO and SVZ are intended to protect the container itself. Moreover, the very fact of the existence of a CO or SVZ may not be secret, unlike most tasks for SPD. In particular, for this reason, talking about the possibility of constructing a perfect stegosystem (according to Cachen) for the implementation of central or central control for most practical problems does not make any practical sense.

4. Protection of the exclusive right (PR)

A possible application is the Holographic Versatile Disc (HVD). (However, there is a point of view that this technology was initially “stillborn”) The HVBs currently being developed can contain up to 200 GB of data per cartridge. These technologies are supposed to be used by television and radio broadcasting companies to store video and audio information. The presence of COs inside the correcting codes of these disks can be used as a primary or additional means to protect licensing rights.

Another example, as I wrote earlier, is the online sale of information resources. This could be books, films, music, etc. Each copy must contain a CO for personal identification (at least indirectly) or a special mark to verify whether it is a licensed copy or not.

The company amazon.com tried to realize this goal in 2007-2011. Quote from the article:

In Russian: the downloaded file will contain a unique purchase identifier, date/time of purchase and other information (...).

It was not possible to download these compositions directly (Amazon swears and says that it can only sell them in the United States). I had to ask my American friends and after a while I had the same song in my hands, but downloaded independently by two different people from different Amazon accounts. The files looked exactly the same, the size was the same down to the byte.

But because Amazon wrote that it includes a download identifier in each mp3 and some other data. I decided to check the two existing files bit by bit and immediately found differences.

5. Copyright protection (CPR)

In this case, each copy of the content is protected with one sign. For example, this could be a photograph. If a photograph is published without the photographer’s permission, saying that he is not the author of this work, the photographer can try to prove his authorship using steganography. In this case, each photo should contain information about the serial number of the camera and/or any other data that allows you to “link” the photo to one single camera; and through the camera, the photographer can try to indirectly prove that he is the author of the photo.

6. Protection of document authenticity (POA)

The technology may be the same as for copyright protection. Only in this case, steganography is used not to confirm authorship, but to confirm the authenticity of the document. A document that does not contain a CVZ is considered “not real”, i.e. fake. Dmitry Sklyarov, already mentioned above, was solving the opposite problem. He found a vulnerability in a Cannon camera and was able to fake the authenticity of a photo of Stalin with an iPhone.

7. Individual fingerprint in EDMS (CO)

IN electronic document management system(EDMS) you can use an individual fingerprint inside *.odt, *.docx and other documents when the user works with them. To do this, special applications and/or drivers must be written that are installed and run on the system. If this task is completed, then using individual fingerprint it will be possible to identify who worked with the document and who did not. Of course, in this case it is stupid to make steganography the only criterion, but as an additional factor in identifying participants working with a document, it can be useful.

8. Watermark in DLP systems (SVZ)

Steganography can be used for preventing information leaks(Data Leak Prevention, DLP). Unlike individual fingerprint in EDMS, in this application of steganography, when creating a document containing a confidential nature, a certain mark is inserted. In this case, the label does not change, regardless of the number of copies and/or revisions of the document.

In order to remove the tag you need a key. The stegokey, of course, is kept secret. The DLP system, before approving or refusing to release a document externally, checks the presence or absence of a watermark. If the sign is present, then the system does not allow sending the document outside the system.

9. Hidden transmission of control signal (SPT)

Let's assume that the recipient is some system (for example, a satellite); and the sender is the operator. In this case, steganography can be used to deliver any control signal to the system. If the system can be in different states and we want the enemy not to even realize that the system has moved to another state, we can use steganography. Using only cryptography, without steganography, can give the enemy information that something has changed and provoke him into unwanted actions.

I think no one will argue that in the military sphere this task is incredibly relevant. This task may also be relevant for criminal organizations. Accordingly, law enforcement agencies should be armed with a certain theory on this issue and promote the development of programs, algorithms and systems to counter this use of steganography.

10. Steganographic botnet networks (SBN)

To be pedantic, this application can be considered a special case hidden transmission of a control signal. However, I decided to highlight this application separately. My colleague from TSU sent me a very interesting article by some Shishir Nagaraja, Amir Houmansadr, Pratch Piyawongwisal, Vijit Singh, Pragya Agarwal And Nikita Borisov"and “Stegobot: a covert social network botnet”. I’m not an expert on botnet networks. I can’t say whether this is a crapshoot or an interesting feature. I’ll just hear the opinion of the habra community!

11. Confirmation of the reliability of the transmitted information (CO).

The stego message in this case contains data confirming the correctness of the transmitted container data. As an example, this could be a checksum or a hash function (digest). The task of verifying validity is relevant if the adversary has a need to falsify container data; for this reason this application should not be confused with document authenticity protection! For example, if we are talking about a photograph, then the protection of authenticity is proof that this photograph is real, not faked in Photoshop. We seem to be protecting ourselves from the sender himself (in this case, the photographer). If authenticity is confirmed, it is necessary to organize protection from third parties (man in the middle), who have the ability to falsify data between the sender and recipient.

This problem has many classical solutions, including cryptographic ones. Using steganography is another way to solve this problem.

12. Funkspiel (“Radio Game”) (SPD)

From Wikipedia:

Definition of Funkspiel

Radio game (tracing copy from German Funkspiel - “radio game” or “radio play”) - in the practice of intelligence of the 20th century, the use of radio communications to misinform enemy intelligence agencies. For a radio game, a radio operator or double agent captured by counterintelligence and converted is often used. The radio game allows you to simulate the activities of a destroyed or never-existed intelligence network (and thus reduce the enemy’s activity in sending new intelligence officers), transmit disinformation to the enemy, obtain information about the intentions of his intelligence agencies, and achieve other intelligence and counterintelligence goals.

The possibility of failure and subsequent radio play was taken into account when planning reconnaissance operations. Various signs in the radiogram were specified in advance, by the presence or absence of which one could understand that the radio operator was working under the control of the enemy.

Stego message in this case contains data indicating whether the information is worth accepting container seriously. It can also be some kind of hash function or simply a pre-set sequence of bits. It can also be a hash function of the start time of the transfer (In this case, to eliminate the problem of time desynchronization between the sender and the recipient, the time should be taken with an accuracy of minutes or even hours, and not with an accuracy of seconds or milliseconds).

If the stego message fails validation, the container should be ignored by the recipient, regardless of its contents. In this case, steganography can be used to misinform the enemy. For example, the container could be a cryptographic message. In this case, the sender, wanting to mislead the enemy, encrypts the data with some compromised cryptographic key known to the enemy, and the stego message is used to prevent the recipient from accepting a false container.

Let's assume that the enemy has the ability to destroy the CO. In this case funkspiel can be used against the interests of the sender. The recipient, without finding the label, will not ignore the received container. Perhaps in some practical decisions it is reasonable funkspiel use with confirmation of authenticity. In this case, any information that does not contain a reliability mark is ignored; and accordingly, for a radio game you should simply not include the tag in the message.

13. Inalienability of information (INI)

There are a number of documents for which integrity is important. This can be done by backing up data. But what to do if there is a need to have documents in such a form that it is impossible to separate one information from other information? An example is medical photographs. For reliability, many authors suggest including information about the patient’s name, surname and other data inside the images. See for example the book "Information Hiding Techniques for Steganography and Digital Watermarking" by Stefan Katzenbeisser and Fabien A. P. Petitcolas:

An excerpt about the use of steganography in medicine. from the book ""Information Hiding Techniques for Steganography and Digital Watermarking""

The healthcare industry and especially medical imaging systems may benefit from information hiding techniques. They use standards such as DICOM (digital imaging and communications in medicine) which separates image data from the caption, such as the name of the patient, the date, and the physician. Sometimes the link between image and patient is lost, thus, embedding the name of the patient in the image could be a useful safety measure. It is still an open question whether such marking would have any effect on the accuracy of the diagnosis but recent studies by Cosman et al. revealing that lossy compression has little effect, let us believe that this might be feasible. Another emerging technique related to the healthcare industry is hiding messages in DNA sequences. This could be used to protect intellectual property in medicine, molecular biology or genetics.

Similar arguments can be made about modern astronomy. Here is a quote from Russian astronomer Vladimir Georgievich Surdin ( link to video):

I envy those who are now entering science. Over the past 20 years, we [astronomers] have generally been marking time. But now the situation has changed. Several telescopes of completely unique properties have been built in the world. They see almost the entire sky and receive enormous amounts of information every night. Suffice it to say that over the previous 200 years, astronomers have discovered several thousand objects. (...) This is 200 years! Today, every night we discover three hundred new objects in the solar system! This is more than a person could write down in a catalog with a pen. [per day]

Just think, every night there are 300 new objects. It is clear that these are various small space asteroids, and not the discovery of new planets, but still... Indeed, would it be reasonable to embed information about the time of shooting, the location of shooting and other data directly into the image? Then, when exchanging images between astronomers, scientists could always understand where, when and under what circumstances a particular image was taken. You can even insert information without a key, believing that there is no enemy. Those. use steganography only for the sake of “not alienating” the images themselves from additional information, hoping for the honesty of users; perhaps this would be much more convenient than accompanying each photo with information.

From the world of computer games we can cite WoW. If you take a screenshot of the game containing the username, the time the screenshot was taken (accurate to the minute and IP), the server address.

14. Steganographic distraction (?)

As the name of the task suggests - distract the enemy's attention. This task can be posed if there is any other reason for using steganography. For steganographic distraction It is necessary that the generation of stegocontainers be significantly “cheaper” (in terms of machine and time resources) than detection of steganography by the enemy.

Roughly speaking, steganographic distraction somewhat reminiscent of DoS and DDoS attacks. You divert the enemy's attention away from the containers that actually contain something valuable.

15. Steganographic Tracking (STD)

This application is somewhat similar to step 7 individual fingerprint in EDMS, only the goal is different - to catch the criminal who is “leaking” the information. An example can be given from the real world marked banknotes(“marked money”). They are used by law enforcement agencies so that a criminal who has received money for any illegal activity cannot later claim that he had this money before the transaction.

Why not adopt the experience of “real colleagues” into our virtual world? Thus steganographic tracking Reminds me of something like a honeypot.

Forecast about the future of steganography in the first quarter of the 21st century

Having read fifty different articles on quilting and several books, I will venture to express my opinion on steganography. This opinion is just my opinion and I do not impose it on anyone. Ready for constructive criticism and dialogue.

Thesis. I believe that the world is technically ready for steganography, but culturally, the modern information society has not yet matured. I think that in the near future (2015-2025) something will happen that may in the future be called " steganographic revolution“… This may be a little arrogant statement, but I will try to substantiate my point of view with four points.

First. At the moment there is no unified theory of steganography. A top secret stegosystem (according to Cashen) is of course better than nothing, but in my opinion this is a black and white photograph of the tail of a spherical virtual horse in a vacuum... Mittelholzer tried to slightly improve the results of Christian Cashen, but so far this is a very broad theory.

The lack of a unified theory is an important obstacle. It has been mathematically proven that the Vernam cipher (= “one-time pad”) cannot be cracked, for this reason the connection between V.V. Putin and Barack Obama are carried out precisely with the help of this algorithm. There is a certain theory that creates and studies abstract (mathematical) cryptographic objects (Bent functions, LFSR, Facestyle cycles, SP sets, etc.). There is a zoo of terms and models in steganography, but most of them are unfounded, incompletely studied, or far-fetched.

Nevertheless, there are already certain shifts in this direction. Modest attempts are already being made to use steganography, if not as the main or even the only solution, then as an auxiliary tool. A huge shift in theory has occurred over the past fifteen years (2000-2015), but I think this could be a separate post, it’s hard to say in a nutshell.

Second. Steganography - science interdisciplinary! This is the first thing any aspiring steganographer should understand. If cryptography can abstract away from hardware and solve exclusively problems in the world of discrete mathematics, then a steganographer must study the environment. Although, of course, there are a number of problems in the construction of cryptosystems, for example, side-channel attacks; but this is not the fault of the quality of the cipher. I think that steganography will evolve in line with the development of the study of the environment in which hidden messages are transmitted. Thus, it is reasonable to expect the emergence of “chemical steganography”, “steganography in images”, “steganography in error-correcting codes”, “food steganography”, etc.

Starting around 2008, everyone realized this. Not only mathematicians-cryptographers, but also linguists, philologists, and chemists became interested in steganography. I think this is a positive change that speaks volumes.

Third. The modern virtual world is oversaturated with texts, pictures of cats, videos, and so on and so forth... On one YouTube site every minute Over 100 hours of video uploaded! Just think every minute! How many minutes have you been reading this lengthy opus?.. Now multiply this number by 100! That's how many hours of different videos appeared on YouTube alone during this time!!! Can you imagine it? But this is a huge “ground” for hiding data! That is, “technically” the world has been ready for steganography a long time ago. And to be honest, I am deeply confident that steganography and countering steganography will in the near future become as pressing a problem as the BigData Colossus problem...

This information ceased to be secret, if my memory serves me correctly, only in the 2000s. Another historical example is the RSA algorithm, which was invented at the end of WWII by British cryptographers. But, for obvious reasons, the military classified the world's first asymmetric encryption algorithm and the palm went to Diffie, Helman, and then Rivest, Shamir and Adleman.

Why am I saying this? The fact is that in information security everything is invented minimum twice: once “closed”, and the second time “open”; and in some cases even more than twice. This is fine. I think steganography is also waiting (it’s no longer possible).

In modern Western literature, for some reason, many scientists who proposed very interesting ideas in 1998-2008 “disappeared” (that is, stopped publishing). (eg Peter Weiner, Michelle Elia). A roughly similar situation existed before the invention of atomic weapons... Who knows, perfect stegosystems may have already been invented and they are being successfully used by the GRU and/or the NSA? And we, finishing reading this post and looking at our wristwatches, calculate how many more hours of purring cats have been uploaded by millions of users on YouTube and whether there are cats with correspondence from terrorists among them; commands for a botnet network or RT-2PM2 drawings encrypted with the Vernam cipher.

Introduction

The problem of protecting information from unauthorized access has been solved at all times throughout human history. Already in the ancient world, two main directions for solving this problem emerged, which exist to this day: cryptography and steganography. The purpose of cryptography is to hide the contents of messages by encrypting them. In contrast, steganography hides the very existence of a secret message.

The word "steganography" has Greek roots and literally means "secret writing." Historically, this direction appeared first, but was then supplanted by cryptography. Secret writing is carried out in a variety of ways. The common feature of these methods is that the hidden message or secret information (Additional Information) is built into some harmless object that does not attract attention, called hereinafter container or main message. We will call the result of such an embedding quilted message, and the embedding process itself is quilt conversion container. The steg message is then transparently transported to the recipient.

With cryptography, the presence of an encrypted message in itself attracts the attention of opponents, but with steganography, the presence of a hidden connection remains invisible.

People have used a variety of steganographic techniques to protect their secrets. Famous examples include the use of wax-coated tablets, boiled eggs, matchboxes, and even a slave's head (the message was read after the messenger's hair was shaved off). In the last century, so-called sympathetic ink, invisible under normal conditions, was widely used. The hidden message was placed in certain letters of innocent phrases and conveyed by introducing minor stylistic, spelling or punctuation errors into the text. With the invention of photography came the technology of microphotographs, which was successfully used by Germany during the world wars. Marking cards with sharpies is also an example of steganography.

During World War II, the US government attached great importance to the fight against secret methods of transmitting information. Certain restrictions on postal shipments were introduced. Thus, letters and telegrams containing crossword puzzles, moves of chess games, orders for the presentation of flowers indicating the time and their type were not accepted; The hands of the sent clocks were moved. A large detachment of censors was brought in, who even paraphrased telegrams without changing their meaning.

Hiding information using the listed methods is only possible due to the fact that the enemy does not know the method of hiding. Meanwhile, back in 1883, Kerghoff wrote that the information security system must ensure its functions even if the enemy is fully informed about its structure and functioning algorithms. The entire secrecy of the system for protecting transmitted information must lie in the key, that is, in a previously (as a rule) fragment of information divided between recipients. Despite the fact that this principle has been known for more than 100 years, there are still developments that neglect it. Of course, they cannot be used for serious purposes.

Steganography is a science that studies ways and means of hiding confidential information, the main task of which is to hide the very fact of the existence of secret data during its transmission, storage or processing. Hiding the existence of information means not only the impossibility of detecting the presence of another (hidden) message in an intercepted message, but also generally making it impossible for any suspicions to arise in this regard.

The development of computer technology in the last decade has given a new impetus to the development computer steganography. Many new areas of application have emerged. Messages are now embedded in digital data, usually of an analog nature. These are speech, audio recordings, images, videos. There are also proposals for embedding information in text files and executable program files.

There are two main directions in computer steganography: related to digital signal processing and unrelated. In the latter case, messages can be embedded in file headers or data packet headers. This area has limited application due to the relative ease of opening and/or destroying hidden information. Most of the current research in the field of steganography is somehow related to digital signal processing. This allows us to talk about digital steganography, which is discussed below.

There are two reasons for the popularity of research in the field of steganography at the present time: restrictions on the use of cryptocurrencies in a number of countries around the world and the emergence of the problem of protecting property rights to information presented in digital form. The first reason entailed a large amount of research in the spirit of classical steganography (that is, hiding the fact of transmitting information), the second - even more numerous works in the field of so-called watermarks. A digital watermark (DWM) is a special mark that is imperceptibly embedded in an image or other signal in order to control its use in one way or another.

Digital steganography. Subject, terminology, areas of application

Digital steganography as a science was born literally in recent years. As a relatively young science, it does not yet have a generally accepted classification or even terminology. However, we can propose the following classification of areas that steganography includes:

1) embedding information for the purpose of its hidden transmission;

2) embedding digital watermarks (watermarking);

3) embedding identification numbers (fingerprinting) - fingerprints;

4) embedding headings (captioning).

CEH can be used mainly for protection against copying and unauthorized use. In connection with the rapid development of multimedia technologies, the issue of protecting copyrights and intellectual property presented in digital form has become acute. Examples include photographs, audio and video recordings, etc. The benefits of presenting and transmitting messages digitally can be offset by the ease with which they can be stolen or modified. Therefore, various information protection measures of an organizational and technical nature are being developed. One of the most effective technical means of protecting multimedia information consists of embedding invisible marks - digital markings - into the protected object. Developments in this area are carried out by the largest companies around the world. Since the development of CVD methods began quite recently (the first article on this topic was, apparently, the work of 1989), there are many unclear problems that require resolution. These methods got their name from the well-known method of protecting securities, including money, from counterfeiting. Unlike ordinary watermarks, digital watermarks can be not only visible, but also (usually) invisible. Invisible digital images are analyzed by a special decoder, which makes a decision about their correctness. CEZs may contain some authentic code, information about the owner, or some control information. The most suitable objects for protection using digital video protection are still images, audio and video data files.

Technology embedding identification numbers manufacturers has much in common with CVZ technology. The difference is that in the first case, each protected copy has its own unique embedded number (hence the name - literally “fingerprints”). This identification number allows the manufacturer to track the further fate of his brainchild: whether any of the buyers have engaged in illegal replication. If so, fingerprints will quickly point to the culprit.

Embedding Headers(invisible) can be used, for example, to sign medical photographs, apply a legend to a map, etc. The goal is to store heterogeneously presented information into a single whole. This is perhaps the only application of steganography where a potential attacker is not explicitly present.

There are two main requirements for steganographic transformation:

1) invisibility - reliability of perception

2) resistance to various types of distortion.

The ability to hide some data inside others can allow an attacker to stealthily steal a lot of confidential information.

• Steganography: A Little Theory
• Steganography in practice
• Steganography programs
  • ImageSpyer G2
  • StegoTC G2 TC
  • RedJPEG
  • DarkCryptTC ​​and Project Zarya
• DIY steganography

The problem of hiding data has worried humanity since ancient times. Ciphers are usually used to protect information. Their reliability may vary, but by the time the enemy manages to hack it, the information will already be old.

In the era of digital technology, the situation has changed somewhat: the computing capabilities of computers are constantly increasing, and, in addition, a huge number of communication channels have appeared through which information can be transmitted. At the same time, stealing data has become much easier.

If previously a not entirely honest employee had to hide a paper copy in order to take out some secret drawing or document, then in the era of digital technology it has become much easier to take out secrets. The encrypted file can be sent over the network, or it can be transferred to removable media, a flash drive, and hidden in a pocket.

In the first case, everything is relatively simple; there are many solutions for traffic control. To combat copying to flash drives, there are also DLP (Data Leak Prevention) intrusion prevention tools. In general, most DLP solutions control all data leakage channels on a computer, both network and peripheral. So, a properly configured data leak prevention system can not only create problems for an attacker when stealing information, but will also enable administrators to control all his actions, thereby identifying what secrets he is interested in and what means and methods he uses to steal information.

The next obvious step in this “competition between armor and projectile” would be the transfer of information with further transmission through the channels described above. But the very attempt to transfer a file outside that cannot be read should arouse serious suspicion among security guards and be blocked by appropriate software. But you can try to hide encrypted data inside other content. Now we have smoothly approached the main topic of this article - steganography.

Steganography, not shorthand

The Wikipedia article tells us that steganography (literally translated from Greek as “secret writing”) is the science of secretly transmitting information by keeping the actual transmission secret. In contrast, cryptography, which hides the contents of a secret message, hides the very fact of its existence. Although usually these two technologies are used together.

Steganography is used for all sorts of purposes. Often it is used not for theft, but to fight kidnappers. For example, when protecting copyright, when a certain hidden bookmark is hidden in a document, which allows you to determine who owns a given copy of the file. If such a mark is then found somewhere on torrents, copyright holders will be able to find who exactly posted it and present appropriate claims to him.

But in the article I will describe the use of steganography specifically as a means of data theft. Let's start by looking at some theoretical issues. I’ll make a reservation right away that when talking about technical methods for implementing steganography, I will only touch on digital steganography, that is, hiding information inside other digital data. At the same time, I will not touch upon methods based on the use of reserved partitions of a hard or floppy disk by various file systems, or techniques related to the peculiarities of the functioning of various hardware platforms and operating systems. In this article we will be interested only in files of various formats and the capabilities in them.

Steganography: A Little Theory

First of all, I propose to consider the main algorithms that are used for steganography.

Methods like LSB (Least Significant Bit, least significant bit) and similar. Their essence is to replace the last significant bits in the container (image, audio or video recording) with bits of the hidden message. Let's take a graphic file as an example. Visually, it looks like this: we change the low-order bits in the pixel color code in the picture. If we assume that the color code has a 32-bit value, then replacing 0 with 1 or vice versa will not lead to any significant distortion of the picture, noticeable to the human sensory organs. Meanwhile, in these bits for the big picture you can hide something.

Let's look at a small example. Let's say we have an 8-bit grayscale image. 00h (00000000b) means black, FFh (11111111b) means white. There are 256 gradations in total (). Also assume that the message consists of 1 byte - for example, 01101011b. By using the least significant two bits in the pixel descriptions, we need 4 pixels. Let's say they are black. Then the pixels containing the hidden message will look like this: 00000001 00000010 00000010 00000011. Then the color of the pixels will change: the first - by 1/255, the second and third - by 2/255, and the fourth - by 3/255. Such gradations, not only are invisible to humans, may not be displayed at all when using low-quality output devices.

It is worth noting that LSB methods are unstable to various types of “noise”. For example, if any “garbage” bits are superimposed on the transmitted content, this distorts both the original content and (which is especially important for us) the hidden message. Sometimes it even becomes unreadable. A similar technique is used for other formats.

Another method is the so-called soldering of hidden information. In this case, the hidden image (sound, sometimes text) is superimposed on top of the original. The simplest example is white writing on a white background in a PDF document. Attackers usually do not use this method due to the relative ease of detection by automatic methods. However, this method is often used to create watermarks to protect the authorship of content. In this case, these signs, as a rule, are not hidden.

And the third method is to use the features of file formats. For example, this could be recording information in the metadata used by a given file format, or in various other unused reserved fields. For example, this could be a Microsoft Word document, inside of which information will be hidden that will not be displayed in any way when opening this document.

Audio steganography

Another method of hiding information is applicable only to audio files - this is the echo method. It uses irregular spaces between echoes to encode a sequence of values. In general, it is possible to create conditions under which these signals will be invisible to human perception. The echo signal is characterized by three parameters: initial amplitude, degree of attenuation and delay. When a certain threshold is reached between the signal and the echo, they mix. At this point, the human ear can no longer distinguish between these two signals. Two different delays are used to indicate logic zero and one. They should both be less than the listener's ear sensitivity threshold to the received echo.

However, in practice, this method is also not very reliable, since it is not always possible to accurately determine when a zero was transmitted and when a one was transmitted, and as a result, there is a high probability of distortion of hidden data.

Another use case for steganography in audio files is phase coding. The original sound element is replaced by a relative phase, which is the secret message. The phase of successive elements must be added in such a way as to maintain the relative phase between the original elements, otherwise distortion will occur that is noticeable to the human ear.

Today, phase coding is one of the most effective methods of hiding information.

Steganography in practice

At this point, I think, we can finish with the theory and we need to move on to the practical aspects of implementing steganography. I will not describe commercial solutions, but will limit myself to talking about small free utilities that an attacker can easily use, even without administrative rights in the system.

Steganography programs

As a data storage file, I used a 1680x1050 image saved in various formats: BMP, PNG, JPEG. The hidden document was a text file about 40 KB in size. All the programs described coped with the task: the text file was successfully saved and then extracted from the source file. At the same time, no noticeable distortion of the picture was detected. The utilities presented below can be downloaded from the website.

ImageSpyer G2

A utility for hiding information in graphic files using cryptography. At the same time, about 30 encryption algorithms and 25 hash functions for container encryption are supported. Hides a volume equal to the number of pixels in the image. Compression of hidden data is optionally available.

ImageSpyer G2

The utility is compatible with Windows 8. BMP, JPEG, WMF, EMF, TIFF formats can be used as source graphic files.

You can download ImageSpyer G2 for free using .

StegoTC G2 TC

The steganographic archiver plugin (wcx) for Total Comander allows you to hide data in any image, while the BMP, TIFF and PNG formats are supported.

You can download StegoTC G2 for free using .

RedJPEG

The interface of this program, as the name suggests, is made in red style. This easy-to-use utility is designed to hide any JPEG data in an image (photo, picture) using a proprietary steganographic method. Uses open encryption algorithms, stream cipher AMPRNG and Cartman II DDP4 in hash function mode, LZMA compression.

RedJPEG

The professional extended version of RedJPEG XT is complemented by masking the fact of embedding and an enhanced procedure for initializing the stream cipher based on image characteristics. Includes x86 and x86-64 builds.

There is also a RedJPEG XT for TC WCX Total Comander plugin, which has similar functionality.

You can download RedJPEG for free using .

DarkCryptTC ​​and Project Zarya

This program can be called the most powerful steganographic solution. It supports more than a hundred different symmetric and asymmetric cryptographic algorithms. Includes support for a proprietary plugin system designed for block ciphers (BlockAPI), text, audio and image steganography (including real JPEG steganography), a powerful password generator and a system for destroying information and keys.

DarkCryptTC ​​and Project Zarya

The list of supported formats is really impressive: *.txt, *.html, *.xml, *.docx, *. odt, *.bmp, *jpg, *.tiff, *.png, *.jp2, *.psd, tga, *.mng, *.wav, *.exe, *.dll.

The set of programs for steganography is not very large, but it is quite sufficient to effectively hide information in files of various formats.

You can download DarkCryptTC ​​for free using .

Also, on our website there are other materials related to Steganography. To find all programs and books, search for the word “Steganography”

DIY steganography

For those who are familiar with programming, in particular with Visual Studio and C#, I can also recommend a rather interesting one, in which you can find the source texts of steganographic utilities for various data formats: for working with graphic formats and for hiding information, for example, in ZIP archives. The general principle of this conversion is to use the headers of the archived files. A source code fragment for working with ZIP archives looks like this:

private void ZipFiles(string destinationFileName, ↵
string password)
{
FileStream outputFileStream = ↵
new FileStream(destinationFileName, ↵
FileMode.Create);
ZipOutputStream zipStream = ↵
new ZipOutputStream(outputFileStream);
bool isCrypted = false;
if (password != null && password.Length > 0)
( //encrypt the zip file, if password is given
zipStream.Password = password;
isCrypted = true;
}
foreach(ListViewItem viewItem in lvAll.Items)
{
inputStream = new FileStream(viewItem.Text, ↵ FileMode.Open);
zipEntry = new ICSharpCode.SharpZipLib.Zip.ZipEntry(↵ Path.GetFileName(viewItem.Text));
zipEntry.IsVisible = viewItem.Checked;
zipEntry.IsCrypted = isCrypted;
zipEntry.CompressionMethod = ↵ CompressionMethod.Deflated;
zipStream.PutNextEntry(zipEntry);
CopyStream(inputStream, zipStream);
inputStream.Close();
zipStream.CloseEntry();
}
zipStream.Finish();
zipStream.Close();
}

On this site you can find many examples of source codes of any complexity, so studying practical implementations will not be difficult for those interested.